Security Risk & Compliance Management Specialist

United Kingdom - Greater London

Applications have closed

Rackspace

As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.


Rackspace currently have a fantastic opportunity for an experienced Security Risk & Compliance specialist to join our EMEA team.

Key Responsibilities

Collaborates across the organization to execute and mature the Risk Assessment process, including developing all necessary charters, processes, methodologies, and reports. Participates in cross-functional workgroups and planning meetings to promote ideal solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team. Where ideal solutions cannot be found, identifies and reports enterprise level risks and failures to management for escalation. Promotes sharing of expertise through consulting, presentation, and documentation. Assists in training other Information Security, IT Risk, and compliance staff. Communicates the value of IT Risk, Compliance, and Information Security within the organization. Continuously validates the organization against additional mandates, as developed, to ensure full compliance. Assists in training other Compliance or Security staff where necessary. Communicates the value of Compliance and Information Security within the organization. Coordinates cross-functionally to ensure a holistic approach to security and compliance across the organization. Evaluates, monitors, and ensures compliance with IT Risk and Information Security policies, standards, guidelines and relevant legal and regulatory requirements. Supports business partners where necessary in dealing with current and prospective clients.

Risk: Conducts IT Risk and Information Security due diligence activities relative to vendors and third parties. Conducts risk assessments and documents findings where the deviation from an information security or IT Risk policy or standard is desired. Creates risk remediation plans with business owners and follows through in the implementation of changes.

Compliance: Conducts annual audits for industry specific reports, including PCI, ISO27001, SOC1, SOC2, SOC3, SOX, and CDSA. Documents findings where deviations exist through internal or external testing. Develops internal control testing and documented processes. Updates internal control matrices where necessary to support annual changing environments. Ability to adapt and create processes as applicable, including changes in processes or reporting metrics. Executes as the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering. Executes internal customer audits which include scheduling, presentation of the Rackspace compliance portfolio, and overseeing the successful visit in conjunction with Account Managers.

Knowledge

Excellent written and verbal communication skills. Able to communicate with all levels of the organization. Aptitude to develop and maintain internal and external business relationships and to leverage those relationships in pursuit of goals and responsibilities. Excellent analytical skills to analyze and evaluate technical information. Strong knowledge of application and system vulnerabilities and exposures. Knowledge of basic system, network, and operating system hardening techniques. Excellent knowledge of Information Assurance (IA) principles and tenets (confidentiality, integrity, availability, authentication, non-repudiation). Strong knowledge of network architecture concepts including topology, protocols, and components. Knowledge of network communication protocols and directory services. Knowledge of network security architecture and risks associated. Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems. Strong knowledge of security policies and practices, including ISO 27001 and Payment Card Industry (PCI). Ability to work independently on tasks and take ownership of projects.

Certifications

Security+, Network+, Project+, CISSP, Professional certifications preferred. Risk: CRISC, ISSEP, GCED, GCIA. Compliance: CISA

Experience

Practical information security experience in developing and maintaining secure architectures for large enterprises is required.

About Rackspace Technology

We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.

More on Rackspace Technology

Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.

Tags: Audits CISA CISSP Compliance CRISC GCED GCIA ISO 27001 Linux Network security Risk assessment SOC 1 SOC 2 SOC 3 UNIX Vulnerabilities Windows

Perks/benefits: Team events

Region: Europe
Country: United Kingdom
Category: Compliance Jobs
